384

( ( ( ( (database$1 OR register$1 OR registr$3
OR administrator$1 OR agent$1 OR vendor$
OR server$1 OR station$1)
SAME
((person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
SAME
(((secur$4 OR access$4 OR authoriz$6 OR
authoris$6) NEAR4 (level$1 OR categor$3 OR
option$1)) OR privilege$1) ) ) AND
( (person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
WITH
(transmi$6 OR send$4 OR forward$4 OR
transfer$6 OR receiv$4 OR download$4 OR
retriev$4)) AND ( ( (secur$4 OR access$4 OR
authoriz$6 OR authoris$6 OR privilege$1)
NEAR4 (level$1 OR categor$3 OR option$1 OR
zon$3 OR layer$3 OR grain$1 OR granular$4
OR discrete) )) ) AND (request$4
SAME
( ( (person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
WITH
(transmi$6 OR send$4 OR forward$4 OR
transfer$6 OR receiv$4 OR download$4 OR
retriev$4 ) ) )

US PAT

2003/06/02 09:29

53

( ( ( ( ( (database$1 OR register$1 OR
registr$3 OR administrator$1 OR agent$1 OR
vendor$ OR server$1 OR station$1)
SAME
((person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
SAME
(((secur$4 OR access$4 OR authoriz$6 OR
authoris$6) NEAR4 (level$1 OR categor$3 OR
option$1)) OR privilege$1) ) ) AND
( (person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
WITH
(transmi$6 OR send$4 OR forward$4 OR
transfer$6 OR receiv$4 OR download$4 OR
retriev$4)) AND ( ( (secur$4 OR access$4 OR
authoriz$6 OR authoris$6 OR privilege$1)
NEAR4 (level$1 OR categor$3 OR option$1 OR
zon$3 OR layer$3 OR grain$1 OR granular$4
OR discrete) )) ) AND (request$4
SAME
(((person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
WITH
(transmi$6 OR send$4 OR forward$4 OR
transfer$6 OR receiv$4 OR download$4 OR
retriev$4) ) ) ) AND ( (person$4 OR user$2 OR
subscriber$2 OR customer$2 OR individual$2
OR party$1) NEAR4 (assign$4 OR choos$4 OR
chosen OR elect$4 OR select$4 OR
delegat$4) NEAR4 (secur$4 OR access$4 OR
authoriz$6 OR authoris$6 OR privilege$1 OR
privat$2 OR privac$3) NEAR4 (level$1 OR
categor$3 OR option$1 OR zon$3 OR layer$3
OR grain$1 OR granular$4 OR discrete) )

US PAT

79

( (person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (information OR data OR attribute$1
OR detail$1 OR characteristic$1) )
SAME
( ( (person$4 OR user$2 OR subscriber$2 OR
customer$2 OR individual$2 OR party$1)
NEAR4 (assign$4 OR choos$4 OR chosen OR
elect$4 OR select$4 OR delegat$4) NEAR4
(secur$4 OR access$4 OR authoriz$6 OR
authoris$6 OR privilege$1 OR privat$2 OR
privac$3) NEAR4 (level$1 OR categor$3 OR
option$1 OR zon$3 OR layer$3 OR grain$1 OR
granular$4 OR discrete) ) )
SAME
( ( (secur$4 OR access$4 OR authoriz$6 OR
authoris$6 OR privilege$1 OR privat$2 OR
privac$3) NEAR4 (level$1 OR categor$3 OR
option$1 OR zon$3 OR layer$3 OR grain$1 OR
granular$4 OR discrete) ) NEAR5
(information OR data OR attribute$1 OR
detail$1 OR characteristic$1 ) )

US PAT

2003/06/02 10:02

Brief Summary Text - BSTX (11):

In accordance with a further aspect of the present invention, a method for establishing a passport includes the steps of (a) receiving, in a passport agent, a request from a user to establish a passport, (b) opening a secure communication channel between the passport agent and the user, (c) presenting, via the passport agent, a series of menus to the user in response to which the user enters information and (d) storing the user information as a passport in a passport database. With this particular arrangement, a method for allowing a user to access a plurality of public network sites is provided. In one embodiment, the method further includes the step of securing the passport data. For example, such a method may include the steps of assigning an encryption key to the user and transmitting a public key to the user to allow the user to release a passport from the database. Any particular site which requires particular user information can obtain the user information from the user's passport without having to prompt the user for the parameter each time the web site is visited. To protect the user's privacy, the method may optionally include the steps of assigning a particular security level to each item of user information stored in the passport. By assigning a security level a user can protect sensitive information from being indiscriminately disclosed while the passport still can be used to grant access to more public information. For example, if currently visiting the IBM home page on the Internet, the user must specify a language in which to communicate. Such a user parameter may now be specified in a user passport which is provided to the home page server. Thus, a user need no longer specify such a parameter.



Detailed Description Text - DETX (20):

Also coupled to Internet 200 is a passport server 212 and a passport database 214. Passport server 212 and passport database 214 may be collectively referred to as a passport agent 216. Users 208 can store certain personal and optional demographic information in passport database 214. The information need only be stored once, and, at the user's option, assigned a security level for each item of information. The information may be stored, for example, as a record or as a file. Thus, passport agent 216 includes a database of user information for each of the users who wish to utilize the services of passport agent 216. The information for each particular user is stored in a particular data structure referred to as a passport.



Detailed Description Text - DETX (31):

The passport 304 includes a second field corresponding to a security level field 306. A security level is assigned to each item of user information included in the passport data field 305. Thus, for example, if data in field 305 is assigned a security level of 0 then the data is clear. Alternatively, if the data is assigned a security level of 1 then the data is secured via a security technique such as an encryption technique. The passport 304 also includes a key field 308. One or more keys for encryption and decryption may be stored in key field 308.



Detailed Description Text - DETX (32):

Referring to FIG. 4, a flow diagram illustrating the process steps to create a passport is shown. Coding of the process steps of the flowchart of FIG. 4 into instructions suitable to control the computer systems in the passport agent 216 and the user system 208 will be understood by those having ordinary skill in the art of programming. First, the user sends a request to generate a passport to passport agent 216, as illustrated by process step 400. The passport agent receives the request, as illustrated by process step 402, and opens a secure communication channel between the passport agent and the requesting user, as illustrated by process 404. Passport agent 216 then presents to the user a series of queries which may be in the form of menus, as illustrated by process block 406. In response, the user enters the requested information such as social security number, drivers license number, etc., and a corresponding level of security to protect the information item, as illustrated by process blocks 408 and 410. The user specified information is referred to herein as user information or environmental variables. The security levels assigned to each item of user information or environment variables range from highly secure to public. For example, particularly sensitive information may be designated as highly secured and assigned a high security level of 100 on an exemplary scale of 0-100 levels. Less sensitive information may be designated as less secured or even public and assigned a lower security level approaching or equal to zero. Next, passport agent 216 provides a public key to the user to access the passport data, as illustrated by process 418. Finally, the user's information which collectively comprises the Internet passport is stored and maintained in a highly secured server site on the Internet which serves as the passport agent and guarantees the integrity of the users passport, as illustrated by process block 420.

Claims Text - CLTX (36):

(f) the user assigning a security level to each item of user profile information;

Claims Text - CLTX (37):

(g) the passport agent assigning an encryption key to the user based at least in part on the security level assigned each item of user profile information by the user;

Claims Text - CLTX (50):

means for assigning a security level to each item of user information received by said means for receiving;

Claims Text - CLTX (69):

(c) program code for receiving from the user a security level assigned to each item of user profile information;

Claims Text - CLTX (70):

(d) program code for assigning an encryption key to the user based at least in part on the security level assigned each item of user profile information by the user;

Claims Text - CLTX (76):

(c) program code portion for receiving from the user a security level assigned to each item of user profile information;

Claims Text - CLTX (77):

(d) program code portion for assigning an encryption key to the user based at least in part on the security level assigned each item of user profile information by the user;